|
|
|
@ -32,8 +32,8 @@ instead of the internal one (which would the most logical), NAT reflection can r
|
|
|
|
|
the internal IP, in order to avoid taking a detour and applying rules meant for actual outside traffic.
|
|
|
|
|
|
|
|
|
|
.. Note::
|
|
|
|
|
The NAT rules generated with enabling **NAT reflection** only include networks directly connected to your
|
|
|
|
|
Firewall. This means if you have a private network separated from your LAN you need to add this with a
|
|
|
|
|
The NAT rules generated with enabling **NAT reflection** only include networks directly connected to your
|
|
|
|
|
Firewall. This means if you have a private network separated from your LAN you need to add this with a
|
|
|
|
|
manual outbound NAT rule.
|
|
|
|
|
|
|
|
|
|
**Pool options**: When there are multiple IPs to choose from, this option will allow regulating which IP gets used.
|
|
|
|
@ -162,3 +162,12 @@ When adding a rule, the following fields are available:
|
|
|
|
|
No XMLRPC sync Prevent this rule from being synced to a backup host. (Checking this on the backup host has no effect.)
|
|
|
|
|
Description A description to easily find the rule in the overview.
|
|
|
|
|
===================== ==========================================================================================================
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
--------------------
|
|
|
|
|
API access
|
|
|
|
|
--------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Partial API access, for outbound NAT, is provided with the :code:`os-firewall` plugin, which is described in more detail in
|
|
|
|
|
the :doc:`firewall <../development/api/plugins/firewall>` api reference manual.
|
|
|
|
|